feat(auth): migrate device secrets on android #4260

Closed
wants to merge 6 commits into from
Expand Up @@ -103,6 +103,16 @@ open class AmplifyAuthCognitoPlugin :
)
}

/**
ASF Device Secrets Storage.
*/
private val asfDeviceSecretsStore: LegacyKeyValueStore by lazy {
LegacyKeyValueStore(
applicationContext!!,
"AWS.Cognito.ContextData"
)
}

override fun onAttachedToEngine(binding: FlutterPlugin.FlutterPluginBinding) {
Log.d(TAG, "onAttachedToEngine")
applicationContext = binding.applicationContext
Expand Down Expand Up @@ -241,7 +251,7 @@ open class AmplifyAuthCognitoPlugin :
* - https://github.com/aws-amplify/aws-sdk-android/blob/main/aws-android-sdk-cognitoauth/src/main/java/com/amazonaws/mobileconnectors/cognitoauth/util/ClientConstants.java
*/
override fun getLegacyCredentials(identityPoolId: String?, appClientId: String?, callback: (Result<LegacyCredentialStoreData>) -> Unit) {
val data = LegacyCredentialStoreData.builder()
val data = LegacyCredentialStoreDataBuilder()

if (appClientId != null) {
val lastAuthUser = legacyUserPoolStore["CognitoIdentityProvider.$appClientId.LastAuthUser"]
Expand Down Expand Up @@ -273,6 +283,64 @@ open class AmplifyAuthCognitoPlugin :
callback(Result.success(data.build()))
}

/**
* Get Legacy Device Secrets
*/
override fun fetchLegacyDeviceSecrets(
userPoolId: String?,
appClientId: String?,
callback: (Result<LegacyDeviceDetailsSecret?>) -> Unit
) {
val data = LegacyDeviceDetailsBuilder()

if (appClientId != null) {
val lastAuthUser = legacyUserPoolStore["CognitoIdentityProvider.$appClientId.LastAuthUser"]

val newLegacyDeviceSecretsStore = LegacyKeyValueStore(
applicationContext!!,
"CognitoIdentityProviderDeviceCache.$userPoolId.$lastAuthUser"
)

val deviceKey = newLegacyDeviceSecretsStore["DeviceKey"]
val deviceSecret = newLegacyDeviceSecretsStore["DeviceSecret"]
val deviceGroup = newLegacyDeviceSecretsStore["DeviceGroupKey"]

data.apply {
this.deviceKey = deviceKey
this.deviceSecret = deviceSecret
this.deviceGroupKey = deviceGroup
}

}

val asfDeviceId = asfDeviceSecretsStore["CognitoDeviceId"]
data.apply {
this.asfDeviceId = asfDeviceId
}

callback(Result.success(data.build()))
}

/**
* Delete Legacy Device Secrets
*/
override fun deleteLegacyDeviceSecrets(userPoolId: String?, appClientId: String?, callback: (Result<Unit>) -> Unit) {
if (appClientId != null) {
val lastAuthUser = legacyUserPoolStore["CognitoIdentityProvider.$appClientId.LastAuthUser"]

val legacyDeviceSecretsStore = LegacyKeyValueStore(
applicationContext!!,
"CognitoIdentityProviderDeviceCache.$userPoolId.$lastAuthUser"
)

legacyDeviceSecretsStore.clear()
}

asfDeviceSecretsStore.clear()

callback(Result.success(Unit))
}

/**
* Clears the legacy credentials set by the Android SDK
*/
Expand Down Expand Up @@ -572,3 +640,19 @@ class LegacyCredentialStoreDataBuilder(
idToken,
)
}

fun LegacyDeviceDetailsSecret.Companion.builder() = LegacyDeviceDetailsBuilder()

class LegacyDeviceDetailsBuilder(
var deviceKey: String? = null,
var deviceSecret: String? = null,
var deviceGroupKey: String? = null,
var asfDeviceId: String? = null,
) {
fun build(): LegacyDeviceDetailsSecret = LegacyDeviceDetailsSecret(
deviceKey,
deviceSecret,
deviceGroupKey,
asfDeviceId,
)
}
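Review bot: In `deleteLegacyDeviceSecrets` (and likewise in `fetchLegacyDeviceSecrets`) the store name `"CognitoIdentityProviderDeviceCache.$userPoolId.$lastAuthUser"` is built without checking that `userPoolId` and `lastAuthUser` are non-null, so a null value is interpolated as the literal text `null` and a differently named store is opened. In the delete path `clear()` then runs on that other store and `callback(Result.success(Unit))` still reports success, while the real `DeviceSecret` presumably stays on disk; this looks reachable whenever `LastAuthUser` is no longer present in `legacyUserPoolStore`. I would guard the block with `if (appClientId != null && userPoolId != null)` and wrap the store access in `if (lastAuthUser != null) { ... }`, reporting a failure or an explicit "nothing to delete" result otherwise. Separately, `applicationContext!!` throws before the callback is invoked when the plugin is not attached; passing `Result.failure(...)` to the callback would let the Dart side see the error.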
@@ -0,0 +1,26 @@
package com.amazonaws.amplify.amplify_auth_cognito

import android.content.Context
import io.flutter.plugin.common.PluginRegistry

class LegacySecretHandlerImpl(private val context: Context) : LegacySecretHandler, MethodChannel.MethodCallHandler {

private val channel = MethodChannel(registrar.messenger(), "com.amazonaws.amplify/amplify_auth_cognito")

fun fetchLegacyDeviceSecrets(userPoolConfig: CognitoUserPoolConfig?): LegacyDeviceDetails?{
return null
}

fun deleteLegacyDeviceSecrets(userPoolConfig: CognitoUserPoolConfig?) {
channel.invokeMethod("deleteLegacyDeviceSecrets", userPoolConfig?.poolId)
}

fun onMethodCall(call: MethodCall, result: MethodChannel.Result) {
if (call.method == "getDeviceId") {
result.success(getDeviceId())
} else {
result.notImplemented()
}
}

}
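Review bot: `LegacySecretHandlerImpl` does not look buildable as committed: the `channel` initializer calls `registrar.messenger()` although the constructor only receives `context`, `MethodChannel` and `MethodCall` are not imported, `getDeviceId()` is not defined in the file, and `onMethodCall` lacks `override`. More important for the migration, `fetchLegacyDeviceSecrets` unconditionally does `return null`, which a caller cannot tell apart from "no legacy secrets exist", while `deleteLegacyDeviceSecrets` is already wired to the channel. If the class is meant to stay, I would pass the messenger in (`class LegacySecretHandlerImpl(messenger: BinaryMessenger)`), import the Flutter types, and make the stub fail loudly with `throw NotImplementedError("fetchLegacyDeviceSecrets")` until it is implemented. Otherwise the file should be dropped from this PR.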

Expand Up @@ -171,5 +171,35 @@ public class AmplifyAuthCognitoPlugin: NSObject, FlutterPlugin, NativeAuthBridge
func clearLegacyCredentials(completion: @escaping (Result<Void, Error>) -> Void) {
preconditionFailure("clearing legacy credentials via method channel is not supported in iOS/macOS")
}

func fetchLegacyDeviceSecrets(userPoolId: String?, appClientId: String?, completion: @escaping (Result<LegacyDeviceDetailsSecret?, Error>) -> Void) {
guard let appClientId = appClientId else {
completion(.failure(FlutterError(code: "AmplifyException", message: "appClientId is required", details: nil)))
return
}

let userDefaults = UserDefaults.standard
let deviceSecrets = LegacyDeviceDetailsSecret(
deviceKey: userDefaults.string(forKey: "\(appClientId).deviceKey"),
deviceGroupKey: userDefaults.string(forKey: "\(appClientId).deviceGroupKey"),
devicePassword: userDefaults.string(forKey: "\(appClientId).devicePasswrd"),
asfDeviceId: userDefaults.string(forKey: "\(appClientId).asfDeviceId")
)
completion(.success(deviceSecrets))
}

func deleteLegacyDeviceSecrets(userPoolId: String?, appClientId: String?, completion: @escaping (Result<Void, Error>) -> Void) {
guard let appClientId = appClientId else {
completion(.failure(FlutterError(code: "AmplifyException", message: "appClientId is required", details: nil)))
return
}

let userDefaults = UserDefaults.standard
userDefaults.removeObject(forKey: "\(appClientId).deviceGroupKey")
userDefaults.removeObject(forKey: "\(appClientId).deviceKey")
userDefaults.removeObject(forKey: "\(appClientId).devicePassword")
userDefaults.removeObject(forKey: "\(appClientId).asfDeviceId")
completion(.success(()))
}

}
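Review bot: `fetchLegacyDeviceSecrets` reads the device password from the key `"\(appClientId).devicePasswrd"`, but `deleteLegacyDeviceSecrets` removes `"\(appClientId).devicePassword"`, so the fetch key looks like a typo and `devicePassword` would always come back nil. The migration would then carry over `deviceKey` and `deviceGroupKey` without the secret, and the subsequent delete removes the stored copy, leaving the device unable to complete device authentication. The line should read `devicePassword: userDefaults.string(forKey: "\(appClientId).devicePassword"),`. A short comment stating where these `UserDefaults` keys were originally written would also help, since `userPoolId` is accepted but unused in both functions.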